From patchwork Sat Dec 14 19:56:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: corubba X-Patchwork-Id: 4000 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:1f13:b0:5e7:b9eb:58e8 with SMTP id hs19csp1208320mab; Sat, 14 Dec 2024 11:57:41 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCW+roK7/E5BObB9xdPkV82wVGQGniQgKYsNoJh3fO9XTt1055528D0FdqzwUZwpf+sKinK3oGrCA/Y=@openvpn.net X-Google-Smtp-Source: AGHT+IFZ7vpUuPTSVx9WMquuU6O7e7yG7ft4M177kOG0CgAJpxrOVsa40W/RrJut44MFOy/WRTIV X-Received: by 2002:a05:6870:b4a8:b0:29e:3d2a:a4a9 with SMTP id 586e51a60fabf-2a385333194mr6213242fac.5.1734206261416; Sat, 14 Dec 2024 11:57:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1734206261; cv=none; d=google.com; s=arc-20240605; b=jXNwSH0FE2nUjtCYwhMTEZZijQUBKzUVYA7P4iv3e7Th4l7CJA5obFLQ1M5/WYoXIO n0I1+wJmkYaJSPfXfXzLMtATVw06Qmj2MGx2AJxNMxkUKsIe730kNIQK+4C/D1ilW0/W eGWzVRX5NZIxBZKFIae4M94Fog1bTweSl4D3hyEG0XuymD8i56/JrO0GekBMRtDyu8Av W2VRxOdUsEzPzUT2DcgXRc7/BijXQ/vFdfYyMTw1dZTgau7h5NLy71GJdKhx3wXlvs1g S02FoiWdWlj7yAXYtbtPATsjSkyJMDB7lC5pRD5wWxBHLqoveQTHxog+p8sjbRduA0fz BalA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:reply-to:from:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:ui-outboundreport:to:content-language:user-agent :mime-version:date:message-id:dkim-signature:dkim-signature :dkim-signature; bh=qvXov/ihcSD39vQGNJcrU3hKkKVZ9yELYIiuL95I5CE=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=PLi2tkdiINqRWOQEETRaFEHLz7VWqMVx5WcvZ5W+yKSaTyJ17Q4+NXM+m2PZ93iZ9Y pnNIRvUeE3/p4hCCAEevMYCstM1REfFSmimXdd98ru+XLm+Hlzs2gIcHuH1NNV5GwKIV PUaor0oMSnbuOfvpYBmG4lGn22cX8mmOBeSPFVZI6gRcaPOfMsp8WDazbFoOb44YQrRG qbyhdGU64lfmfu/dRyI8PAEapT0JTVsI7XcBb/TCD1Ws2g8aA9TP8doKzV4e+U/kyIme 2HPHUq+x+aMwKWyYv6dnFRL8+I6P2GhFp/g0wqMJhNul/UZ2+BIerTTFQ05dk9qyeoYk JS3Q==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=jlVQBpdM; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=ZXIWhmLX; dkim=neutral (body hash did not verify) header.i=@gmx.de header.s=s31663417 header.b=Wli5+8mX; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-2a3d2a1b663si1140813fac.183.2024.12.14.11.57.41 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 14 Dec 2024 11:57:41 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=jlVQBpdM; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=ZXIWhmLX; dkim=neutral (body hash did not verify) header.i=@gmx.de header.s=s31663417 header.b=Wli5+8mX; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1tMYGZ-0000Fv-Eh; Sat, 14 Dec 2024 19:57:32 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1tMYGY-0000Fm-8g for openvpn-devel@lists.sourceforge.net; Sat, 14 Dec 2024 19:57:31 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:Content-Type:Subject:From :To:MIME-Version:Date:Message-ID:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=al0bXP6pRxaflnWIoehgMK+52quDuwx1fFDdgkEz1+A=; b=jlVQBpdMOVfxhMm1dY9CjLphxr prisHwbdDPcov2VN0JM6RGgNbEW0D3mWP6b8dsKhR7Wj9KsTCc5k41TNnSP9M3R6thhfWC7pwI8FL m8IDkSvteWoVIl3VuInOgKolANuTnLUjOxnl+j5cPfZC1XI5ZngC4zgZom3YY7FAIuq4=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:Content-Type:Subject:From:To:MIME-Version:Date: Message-ID:Sender:Reply-To:Cc:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=al0bXP6pRxaflnWIoehgMK+52quDuwx1fFDdgkEz1+A=; b=Z XIWhmLXznLwSm8jTMb7sLF9Kn8rP4qbIkkwJVytY8P5wbJodpgk/O0Pm/NFanhsmcMutReIyO9EOU jqDUdffAhp2NOyeMGxQW6qjW+fwm/Ek0ze2fEQYI7kWn0XQDpKj0k157LUHY+qdQ9hskmJzUWHzyp kowHPHnqK2Mu+x38=; Received: from mout.gmx.net ([212.227.17.21]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1tMYGX-0005dN-U4 for openvpn-devel@lists.sourceforge.net; Sat, 14 Dec 2024 19:57:30 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1734206238; x=1734811038; i=corubba@gmx.de; bh=al0bXP6pRxaflnWIoehgMK+52quDuwx1fFDdgkEz1+A=; h=X-UI-Sender-Class:Message-ID:Date:MIME-Version:To:From:Subject: Content-Type:Content-Transfer-Encoding:cc: content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=Wli5+8mXKgdeZ66GWiSPyc1Wv7gC+eZvEM/T3TKBY90pltSCpIG8dBAteEQbWvKg phrlYsHpPhrppuZka8SjcRy3nt4tu96AnmRFZe+2wb1fnMq9+yl7XDQwksioRBeBW tOkhjxOisjcorwX00Zy9C824vlrEVdtIRxpNwzJD++7cxh7eFVFo0a8DN4vSiH8u7 Nd1T9Jzac5+s4/jxl5tXAiLbUNTWYIeGZseJjcExL1xCz7HE3HpP6nh/XBWFsbhZM PLkTl70lBbK7zWsRrXvNgCgjJ60CBK+qWaErhtuetG70ZM724Mmcylk5BSpInd+qU MkvcGABVLDKSRHgjNw== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from [192.168.44.3] ([83.135.91.236]) by mail.gmx.net (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MatRT-1tth1J19A3-00dFAZ for ; Sat, 14 Dec 2024 20:57:18 +0100 Message-ID: Date: Sat, 14 Dec 2024 20:56:56 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Content-Language: de-CH To: openvpn-devel@lists.sourceforge.net X-Provags-ID: V03:K1:X0NxggXYYaS5uwUrFNsg6dVJ9BdAzE5HpJ2SB8F3rtnr6Wf0jdY d5KB9B75oGnN+u5sT46Au0B+/uRFPiyaNrwjgIu2NVhPar6q/7yz3+mryWY0CQnyaHV5Pbl TaiIe1uzJUDeKMVib1BKtkTCYTvr5B+cKwh0F0nnclr8ZlaAyOemD+/8Ct1b1P2gVhwox3i Vg6yXxUcpyEgU9HC3wj3Q== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:o0A9aFp6AH0=;RyuOg0Wby4PnlnI/CyYT0X1owR9 Lusnq5+hJdyQDro5QNeMtto1onIlPoOvVKFlk3ATmy7Arck1XlywZtDl8FJcA77/I0ogPYXIn P5fTvevNbGT6OGx6ixQRbNN4/oNNHme38j9wPl1Izg4hgWzLvmquY8+Rq99FpRysYwY0SmLTH J7jGPfSBlHu5rP0SXUdqnD0txsWlnZgBdofFuQYz7vUgoi/bQvENC7v+ioBARUc5YjxuCcwhb GJTV9uydjDmYFJxEt4b7VIhBECe4BBUZu3zsBHaUD1PohmjLyaG8yvrfTaXOEfiqYvDpOOx2N FMj3d+uWsBd7ufG2qmrykCNnS95reyc9XDKFVQvW0Fp6G6RGBp/wf8zlFPActPgcHOg09ACAc TmWv4IDiI4E9E74SlKvaxCrnzLEmnmm5F4DqgNYGXl/ovvy8wELXAPzm6wdzZuHc3Xy7tqtr6 lUmeP3sJLEhUKRQmX/0+0gVrlANsOVjRlBOBD7W3G0786Ga5UAafTSIwTbp5RLDLeZBdMa9O/ A3grjFgppzB1PxU5hVNB5iFQqHiQVsGVRah5S3PJt+tM32MEre0GAaEoFDx8Uy+W/PAAPeCL5 V1dfsggoCMJ1yMreINXxJO1iYlhGP4PGPjqNupipygI4bD8+M4VickCN8GLzGa5rLiVpw3f8b UUd7D4iK4/o2iKZKu9sTavQZDhLnPjaCWJHgl3AAvCnCthmrr9R3JEr+WzEXdTT3/GVdQX9SS jgnw/o3dkbllbzCrgJwPCUJd6R1oUfzCJLiKteqt2u67ieBd/AZveNV6wv9VE/9zLi2NfxoUR Mv+nSUdZ2N6KX/eUPDg72hNTGWwNPON+/ORutm4c2m3+eL7cSPiJE3yHD3L4PH6QAz+COebvA LakRT0tlDwkp1EFAW/aId/dQ6ZPLRS4bql4cHOhKe2vDFu/l9xcPQV3zCiH4WwW9rFUkfaOBN n8OqKNGro3BTjEhOYmuwfRssVwb5yFNPaBidvkDhAF4vhqMe9mVdre8RwhWEs8qjxuUifIA6r wvaXOY79hmOUKXlaH38P/HFwlekH6b+d/XTuv9ZJdPAnH9in7hharnFPfxE2+sT71XSLUR3Fi L3CDQUfWEp3MCJLFeHZM4ft2JWtwaL X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: While port-share already supports IPv6 connections from clients, it only supported IPv4 connections towards the proxy receiver. The used common/shared OpenVPN machinery is already IPv6-ready, so all n [...] Content analysis details: (-0.9 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [212.227.17.21 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [212.227.17.21 listed in bl.score.senderscore.com] -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.227.17.21 listed in list.dnswl.org] 0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [212.227.17.21 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [corubba[at]gmx.de] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-Headers-End: 1tMYGX-0005dN-U4 Subject: [Openvpn-devel] [PATCH] Support IPv6 towards port-share proxy receiver X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: corubba via Openvpn-devel From: corubba Reply-To: corubba Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1818447065099049468?= X-GMAIL-MSGID: =?utf-8?q?1818447065099049468?= While port-share already supports IPv6 connections from clients, it only supported IPv4 connections towards the proxy receiver. The used common/shared OpenVPN machinery is already IPv6-ready, so all needed was to use properly-sized `sockaddr` structs and removing hardcoded IPv4 restrictions. Signed-off-by: corubba Acked-by: Gert Doering --- src/openvpn/ps.c | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) -- 2.47.1 diff --git a/src/openvpn/ps.c b/src/openvpn/ps.c index 06bf91a8..d12ac9e6 100644 --- a/src/openvpn/ps.c +++ b/src/openvpn/ps.c @@ -414,7 +414,7 @@ proxy_connection_io_requeue(struct proxy_connection *pc, const int rwflags_new, static bool proxy_entry_new(struct proxy_connection **list, struct event_set *es, - const struct sockaddr_in server_addr, + const struct openvpn_sockaddr server_addr, const socket_descriptor_t sd_client, struct buffer *initial_data, const char *journal_dir) @@ -425,12 +425,12 @@ proxy_entry_new(struct proxy_connection **list, struct proxy_connection *cp; /* connect to port share server */ - if ((sd_server = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) + if ((sd_server = socket(server_addr.addr.sa.sa_family, SOCK_STREAM, IPPROTO_TCP)) < 0) { msg(M_WARN|M_ERRNO, "PORT SHARE PROXY: cannot create socket"); return false; } - status = openvpn_connect(sd_server, (const struct sockaddr *) &server_addr, 5, NULL); + status = openvpn_connect(sd_server, &server_addr.addr.sa, 5, NULL); if (status) { msg(M_WARN, "PORT SHARE PROXY: connect to port-share server failed"); @@ -492,7 +492,7 @@ static bool control_message_from_parent(const socket_descriptor_t sd_control, struct proxy_connection **list, struct event_set *es, - const struct sockaddr_in server_addr, + const struct openvpn_sockaddr server_addr, const int max_initial_buf, const char *journal_dir) { @@ -740,7 +740,7 @@ bad: * This is the main function for the port share proxy background process. */ static void -port_share_proxy(const struct sockaddr_in hostaddr, +port_share_proxy(const struct openvpn_sockaddr hostaddr, const socket_descriptor_t sd_control, const int max_initial_buf, const char *journal_dir) @@ -822,7 +822,7 @@ port_share_open(const char *host, { pid_t pid; socket_descriptor_t fd[2]; - struct sockaddr_in hostaddr; + struct openvpn_sockaddr hostaddr; struct port_share *ps; int status; struct addrinfo *ai; @@ -836,11 +836,20 @@ port_share_open(const char *host, */ status = openvpn_getaddrinfo(GETADDR_RESOLVE|GETADDR_FATAL, - host, port, 0, NULL, AF_INET, &ai); + host, port, 0, NULL, AF_UNSPEC, &ai); ASSERT(status==0); - hostaddr = *((struct sockaddr_in *) ai->ai_addr); + ASSERT(sizeof(hostaddr.addr) >= ai->ai_addrlen); + memcpy(&hostaddr.addr.sa, ai->ai_addr, ai->ai_addrlen); freeaddrinfo(ai); + if (msg_test(D_PS_PROXY_DEBUG)) + { + struct gc_arena gc = gc_new(); + dmsg(D_PS_PROXY_DEBUG, "PORT SHARE PROXY: receiver will be %s", + print_openvpn_sockaddr(&hostaddr, &gc)); + gc_free(&gc); + } + /* * Make a socket for foreground and background processes * to communicate.